last executing test programs: 52.353648963s ago: executing program 4 (id=654): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000003c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}}) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000040)={r2}) 44.70410017s ago: executing program 2 (id=673): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r3, 0x0) 44.451718094s ago: executing program 2 (id=676): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x1}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, &(0x7f00000000c0)={0x0, 0x0, 0x5c, {0x5c, 0x0, "8e0d90ae32c35f3a2a2d488b7abea00b9ee9ab2cd38b8fde7fa777d80e1e150267a099a7d786db25384f61015614816a970846fe203fc34cc84c396645fbdc8465ca70ddb793d0a33f2ee71533b4f432df78f0883a86580014c4"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 43.239794134s ago: executing program 0 (id=682): r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file1/file0\x00', 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f000044b000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3}) mmap$xdp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xc, 0x90032, 0xffffffffffffffff, 0x100000000) r2 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) listen(r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0) r3 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000040)={'hsr0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x1e, "daf0774742d14158e6f99a462a77285506007f962b1c7e77ece51c568b04"}}) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) close(0x3) r7 = userfaultfd(0x80001) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000180)) ioctl$UFFDIO_COPY(r7, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000}) r8 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r8, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) 40.785944539s ago: executing program 0 (id=684): r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='task\x00') fchdir(r0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xc, 0xc, &(0x7f0000000040)=ANY=[@ANYRES16], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r1, &(0x7f0000000080)=""/43, 0x2b) getdents(r1, 0xfffffffffffffffd, 0x58) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000003c0)={'bridge0\x00'}) 40.781916232s ago: executing program 2 (id=693): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000015000000000000170000400000000000000095"], &(0x7f0000000080)='GPL\x00', 0x8, 0x87, &(0x7f0000000200)=""/135}, 0x90) 38.766597843s ago: executing program 0 (id=696): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f00000001c0), 0xfec8) recvmmsg(r1, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1}}], 0x2, 0x0, 0x0) 38.766138903s ago: executing program 2 (id=687): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f00000002c0), 0x4) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x297880, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000100)='devpts\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0/../file0/../file0\x00', 0x0, 0x1218024, &(0x7f00000005c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0xee01, @ANYBLOB=',uid=', @ANYRESHEX=0x0]) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYRESHEX, @ANYRES8, @ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYRES8], &(0x7f0000000040)='GPL\x00', 0x0, 0x40, 0x0, 0x0, 0x0, '\x00', r2}, 0x80) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(r3, &(0x7f0000003180)={0x2020}, 0x2020) 38.013945761s ago: executing program 2 (id=689): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000000c0)={0x44, &(0x7f00000002c0)={0x0, 0x0, 0x1, "02"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 37.914220952s ago: executing program 0 (id=690): r0 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x30, r0, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3800000000000000}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x30}}, 0x0) 37.868217037s ago: executing program 2 (id=691): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000001c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fanotify_init(0x0, 0x0) 37.301827096s ago: executing program 0 (id=695): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x33fe0}}, 0x0) 36.777420378s ago: executing program 0 (id=698): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000500)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r2, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r4], [0x2b8]}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000380)={0x0, 0x0, r2, 0x0}) ioctl$DRM_IOCTL_MODE_RMFB(r0, 0xc00464af, &(0x7f00000000c0)=r5) 34.818512223s ago: executing program 3 (id=701): fanotify_mark(0xffffffffffffffff, 0x618, 0x0, 0xffffffffffffffff, 0x0) 34.619198114s ago: executing program 3 (id=702): prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000000080)=[0xee00]) setregid(0x0, r0) r1 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) setgroups(0x3, &(0x7f0000000040)=[r3, r0, 0xee01]) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) 34.395450405s ago: executing program 3 (id=703): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)={0x1c, 0x1, 0x4, 0x801, 0x0, 0x0, {}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}]}, 0x1c}}, 0x0) 34.073565707s ago: executing program 3 (id=704): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$inet(0x2, 0x0, 0x8d) setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="be"], 0x1) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) unlinkat(0xffffffffffffffff, &(0x7f0000000380)='./file1\x00', 0x200) socket$inet6_udplite(0xa, 0x2, 0x88) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r4, &(0x7f0000004180)={0x2020}, 0x2020) 30.778265775s ago: executing program 3 (id=707): prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) io_uring_setup(0x0, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_dev$ptys(0xc, 0x3, 0x1) socket$rds(0x15, 0x5, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) 24.938043979s ago: executing program 3 (id=712): r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000040)=0x9, 0x4) bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) recvmmsg(r0, &(0x7f0000001340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/47, 0x2f}}], 0x1, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) 3.480621318s ago: executing program 1 (id=735): getpid() recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) getsockopt$ax25_int(r0, 0x102, 0x0, &(0x7f0000000080), &(0x7f00000001c0)=0x4) 3.20001838s ago: executing program 1 (id=736): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x25}}, [@NFT_MSG_NEWSETELEM={0x20, 0x1e, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0) 2.805256655s ago: executing program 1 (id=737): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r7, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff}) ioctl$IOMMU_TEST_OP_ACCESS_RW(r3, 0x3ba0, &(0x7f0000000240)={0x48, 0x8, r8, 0x0, 0x0, 0x1, &(0x7f0000000100)='>', 0x1}) 1.754174613s ago: executing program 1 (id=738): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/vlan/vlan0\x00') ioctl$SIOCSIFMTU(r0, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40}) lseek(r1, 0x0, 0x0) 1.290650153s ago: executing program 1 (id=739): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) connect$unix(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='netlink_extack\x00', r1}, 0x10) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@RTM_NEWMDB={0x12, 0x54, 0x1}, 0x18}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 1.040782522s ago: executing program 4 (id=683): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='freezer.parent_freezing\x00', 0x275a, 0x0) r1 = fanotify_init(0x0, 0x0) r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) fanotify_mark(r1, 0x641, 0x4800003a, r2, 0x0) fanotify_mark(r1, 0x1, 0x1023, r2, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) 793.429487ms ago: executing program 4 (id=740): iopl(0x3) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3, 0x0, 0x0, 0x0) 522.09143ms ago: executing program 4 (id=741): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x9, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x7a}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 389.201129ms ago: executing program 4 (id=742): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) symlink(&(0x7f0000000340)='./file1\x00', &(0x7f0000000200)='./file0/file1\x00') mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mkdir(&(0x7f0000000240)='./file1/file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000340)='./file0\x00', r1, &(0x7f00000003c0)='./file1\x00', 0x2) 225.321953ms ago: executing program 1 (id=743): mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x1) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r0) close(r0) mount(&(0x7f0000000080)=@filename='./file0\x00', &(0x7f0000000b80)='./file0\x00', &(0x7f00000000c0)='befs\x00', 0x0, 0x0) 0s ago: executing program 4 (id=744): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000009f000040"]) kernel console output (not intermixed with test programs): 00 [ 118.065144][ T5223] gspca_vc032x: I2c Bus Busy Wait 00 [ 118.070536][ T5223] gspca_vc032x: I2c Bus Busy Wait 00 [ 118.075836][ T5223] gspca_vc032x: I2c Bus Busy Wait 00 [ 118.082686][ T5223] gspca_vc032x: I2c Bus Busy Wait 00 [ 118.088000][ T5223] gspca_vc032x: I2c Bus Busy Wait 00 [ 118.095030][ T5223] gspca_vc032x: Unknown sensor... [ 118.105843][ T5223] vc032x 5-1:0.0: probe with driver vc032x failed with error -22 [ 118.146015][ T5223] usb 5-1: USB disconnect, device number 4 [ 118.186644][ T5873] capability: warning: `syz.3.145' uses deprecated v2 capabilities in a way that may be insecure [ 118.206190][ T5873] program syz.3.145 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 118.362786][ T5216] gspca_vc032x: reg_w err -71 [ 118.370591][ T5216] vc032x 2-1:0.0: probe with driver vc032x failed with error -71 [ 118.404056][ T5879] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 118.409533][ T5216] usb 2-1: USB disconnect, device number 5 [ 118.872722][ T29] audit: type=1800 audit(1722848560.908:8): pid=5875 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.146" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 118.956477][ T5895] netlink: 'syz.4.154': attribute type 20 has an invalid length. [ 119.706340][ T5887] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.150'. [ 119.733282][ T5887] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 119.750523][ T5887] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 119.811898][ T5230] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 120.029802][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.161'. [ 120.050550][ T5230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.067627][ T5230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.078926][ T5230] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 120.089869][ T5230] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.115739][ T5230] usb 5-1: config 0 descriptor?? [ 120.310778][ T940] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 120.506189][ T940] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 120.533998][ T940] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83 [ 120.580788][ T940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 120.584659][ T5230] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0 [ 120.630336][ T5230] lg-g15 0003:046D:C222.0002: item fetching failed at offset 9/11 [ 120.642206][ T5230] lg-g15 0003:046D:C222.0002: probe with driver lg-g15 failed with error -22 [ 120.690716][ T5933] process 'syz.1.165' launched './file0' with NULL argv: empty string added [ 120.717110][ T5934] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 120.808194][ T940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 120.818154][ T940] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 120.834574][ T940] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 120.856813][ T940] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.865750][ T940] usb 3-1: Product: syz [ 120.880349][ T940] usb 3-1: Manufacturer: syz [ 121.503114][ T940] usb 3-1: SerialNumber: syz [ 121.510464][ T940] usb 3-1: config 0 descriptor?? [ 121.525474][ T5230] usb 5-1: USB disconnect, device number 5 [ 121.529774][ T940] imon:imon_init_intf0: usb_submit_urb failed for intf0 (-90) [ 121.591650][ T940] imon 3-1:0.0: unable to initialize intf0, err -90 [ 121.598324][ T940] imon:imon_probe: failed to initialize context! [ 121.660765][ T940] imon 3-1:0.0: unable to register, err -19 [ 121.873011][ T940] usb 3-1: USB disconnect, device number 4 [ 126.968029][ T5994] VFS: could not find a valid V7 on nullb0. [ 129.398995][ T6037] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.203'. [ 129.539342][ T6039] netlink: 12 bytes leftover after parsing attributes in process `syz.0.206'. [ 129.877674][ T6050] netlink: 6 bytes leftover after parsing attributes in process `syz.2.211'. [ 129.901264][ T6050] netlink: 6 bytes leftover after parsing attributes in process `syz.2.211'. [ 129.951985][ T6051] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 130.138925][ T6051] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 38596 - 0 [ 130.185526][ T6051] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 38596 - 0 [ 130.209466][ T6051] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 38596 - 0 [ 130.228465][ T6051] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 38596 - 0 [ 130.261333][ T5274] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 130.271247][ T6051] netdevsim netdevsim2 netdevsim0: set [1, 2] type 2 family 0 port 59033 - 0 [ 130.282313][ T5274] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 130.298483][ T6051] netdevsim netdevsim2 netdevsim1: set [1, 2] type 2 family 0 port 59033 - 0 [ 130.324989][ T6051] netdevsim netdevsim2 netdevsim2: set [1, 2] type 2 family 0 port 59033 - 0 [ 130.336149][ T5274] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 130.347815][ T6051] netdevsim netdevsim2 netdevsim3: set [1, 2] type 2 family 0 port 59033 - 0 [ 130.388934][ T6051] geneve2: entered promiscuous mode [ 130.411008][ T6051] geneve2: entered allmulticast mode [ 130.520538][ T46] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 130.900946][ T46] usb 3-1: Using ep0 maxpacket: 16 [ 131.362127][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 131.374111][ T46] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 131.386637][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.421327][ T46] usb 3-1: config 0 descriptor?? [ 131.511379][ T5222] Bluetooth: hci3: unexpected event 0x06 length: 23 > 3 [ 131.576091][ T6082] x_tables: ip_tables: udp match: only valid for protocol 17 [ 131.616436][ T6082] netlink: 'syz.0.219': attribute type 7 has an invalid length. [ 131.643907][ T6082] netlink: 188520 bytes leftover after parsing attributes in process `syz.0.219'. [ 131.672250][ T6079] netlink: 'syz.0.219': attribute type 3 has an invalid length. [ 131.684382][ T6079] netlink: 188520 bytes leftover after parsing attributes in process `syz.0.219'. [ 131.865317][ T6050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.900651][ T6050] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.174177][ T46] hid (null): nested delimiters [ 132.188629][ T46] hid (null): nested delimiters [ 132.973307][ T46] hid (null): nested delimiters [ 132.978639][ T46] hid (null): report_id 24797 is invalid [ 132.986136][ T46] hid (null): bogus close delimiter [ 133.002204][ T46] hid (null): unknown global tag 0x83 [ 133.007800][ T46] hid (null): unknown global tag 0xc [ 133.061436][ T46] hid-generic 0003:0158:0100.0004: unknown main item tag 0x1 [ 133.082727][ T46] hid-generic 0003:0158:0100.0004: unexpected long global item [ 133.119558][ T46] hid-generic 0003:0158:0100.0004: probe with driver hid-generic failed with error -22 [ 133.159309][ T46] usb 3-1: USB disconnect, device number 5 [ 133.228077][ T1258] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.237668][ T1258] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.280524][ T940] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 133.585336][ T940] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 133.669133][ T940] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 133.678432][ T5362] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 133.773776][ T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 133.891616][ T940] usb 1-1: SerialNumber: syz [ 134.107778][ T940] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 134.510365][ T5362] usb 5-1: Using ep0 maxpacket: 32 [ 134.518552][ T5362] usb 5-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 134.529303][ T5362] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.544313][ T5362] usb 5-1: config 0 descriptor?? [ 134.557754][ T5362] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 138.312240][ T5362] gspca_sunplus: reg_w_riv err -110 [ 138.317582][ T5362] sunplus 5-1:0.0: probe with driver sunplus failed with error -110 [ 138.400664][ T5230] usb 1-1: USB disconnect, device number 5 [ 138.547086][ T5362] usb 5-1: USB disconnect, device number 6 [ 139.193339][ T6142] loop0: detected capacity change from 0 to 7 [ 139.226386][ T6142] Dev loop0: unable to read RDB block 7 [ 139.244207][ T940] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 139.246599][ T6142] loop0: AHDI p2 p3 p4 [ 139.269468][ T6142] loop0: partition table partially beyond EOD, truncated [ 139.304184][ T6142] loop0: p2 start 808463477 is beyond EOD, truncated [ 139.326999][ T6142] loop0: p3 start 6514546 is beyond EOD, truncated [ 139.492765][ T940] usb 5-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 139.546644][ T940] usb 5-1: config 0 interface 0 altsetting 12 endpoint 0x87 has invalid wMaxPacketSize 0 [ 139.573840][ T940] usb 5-1: config 0 interface 0 has no altsetting 0 [ 139.614527][ T940] usb 5-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3 [ 139.638003][ T940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.654916][ T940] usb 5-1: Product: syz [ 139.660231][ T940] usb 5-1: Manufacturer: syz [ 139.748041][ T940] usb 5-1: SerialNumber: syz [ 140.475337][ T940] usb 5-1: config 0 descriptor?? [ 140.537251][ T940] keyspan 5-1:0.0: Keyspan 2 port adapter converter detected [ 140.608936][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 7 [ 140.736370][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81 [ 140.820229][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1 [ 140.879091][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2 [ 140.904259][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 85 [ 140.952883][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 5 [ 141.131108][ T940] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 142.053015][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83 [ 142.061673][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 3 [ 142.069402][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 4 [ 142.080402][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 86 [ 142.088517][ T940] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 6 [ 142.105153][ T940] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 142.152005][ T940] usb 5-1: USB disconnect, device number 7 [ 142.248234][ T940] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 142.314331][ T940] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 142.414633][ T940] keyspan 5-1:0.0: device disconnected [ 142.615904][ T6182] netlink: 36 bytes leftover after parsing attributes in process `syz.3.253'. [ 142.849984][ T6182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.253'. [ 142.894917][ T6188] netlink: 'syz.2.254': attribute type 21 has an invalid length. [ 143.994638][ T5274] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 144.091558][ T6198] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 144.221602][ T5274] usb 1-1: Using ep0 maxpacket: 16 [ 144.252987][ T5274] usb 1-1: New USB device found, idVendor=1943, idProduct=2257, bcdDevice=91.ed [ 144.280420][ T5274] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.288468][ T5274] usb 1-1: Product: syz [ 144.294683][ T6205] Zero length message leads to an empty skb [ 144.321937][ T5274] usb 1-1: Manufacturer: syz [ 144.326678][ T5274] usb 1-1: SerialNumber: syz [ 144.380023][ T5274] usb 1-1: config 0 descriptor?? [ 144.414801][ T5274] s2255 1-1:0.0: Could not find bulk-in endpoint [ 144.434348][ T6206] kvm: emulating exchange as write [ 144.443369][ T5274] Sensoray 2255 driver load failed: 0xfffffff4 [ 144.449602][ T5274] s2255 1-1:0.0: probe with driver s2255 failed with error -12 [ 144.636551][ T46] usb 1-1: USB disconnect, device number 6 [ 145.870866][ T6238] [U] [ 145.873807][ T6238] [U] [ 145.876486][ T6238] [U] [ 145.879179][ T6238] [U] [ 145.888383][ T6238] [U] [ 145.891128][ T6238] [U] [ 145.893822][ T6238] [U] [ 145.896507][ T6238] [U] [ 145.908333][ T6238] [U] [ 145.911049][ T6238] [U] [ 145.913739][ T6238] [U] [ 145.916444][ T6238] [U] [ 145.924538][ T6238] [U] [ 145.927357][ T6238] [U] [ 145.930029][ T6238] [U] [ 145.932719][ T6238] [U] [ 145.936587][ T6239] netlink: 256 bytes leftover after parsing attributes in process `syz.3.275'. [ 145.983997][ T6238] [U] [ 145.986756][ T6238] [U] [ 145.989552][ T6238] [U] [ 145.992244][ T6238] [U] [ 146.014781][ T6238] [U] [ 146.017480][ T6238] [U] [ 146.020154][ T6238] [U] [ 146.022837][ T6238] [U] [ 146.038812][ T6238] [U] [ 146.041530][ T6238] [U] [ 146.044216][ T6238] [U] [ 146.046886][ T6238] [U] [ 146.053943][ T6238] [U] [ 146.056657][ T6238] [U] [ 146.059331][ T6238] [U] [ 146.062037][ T6238] [U] [ 146.116333][ T6238] [U] [ 146.119082][ T6238] [U] [ 146.121791][ T6238] [U] [ 146.124491][ T6238] [U] [ 146.220822][ T6238] [U] [ 146.223571][ T6238] [U] [ 146.226289][ T6238] [U] [ 146.228989][ T6238] [U] [ 146.265068][ T6238] [U] [ 146.267802][ T6238] [U] [ 146.270476][ T6238] [U] [ 146.273150][ T6238] [U] [ 146.306450][ T6238] [U] [ 146.309283][ T6238] [U] [ 146.311993][ T6238] [U] [ 146.314694][ T6238] [U] [ 146.378649][ T6238] [U] [ 146.381396][ T6238] [U] [ 146.384105][ T6238] [U] [ 146.386814][ T6238] [U] [ 146.413461][ T6238] [U] [ 146.416164][ T6238] [U] [ 146.418855][ T6238] [U] [ 146.421542][ T6238] [U] [ 146.457603][ T6238] [U] [ 146.460363][ T6238] [U] [ 146.463058][ T6238] [U] [ 146.465739][ T6238] [U] [ 146.503113][ T6238] [U] [ 146.505841][ T6238] [U] [ 146.508510][ T6238] [U] [ 146.511183][ T6238] [U] [ 146.527092][ T6256] netlink: 224 bytes leftover after parsing attributes in process `syz.4.282'. [ 146.553348][ T6238] [U] [ 146.556096][ T6238] [U] [ 146.558806][ T6238] [U] [ 146.561510][ T6238] [U] [ 146.608427][ T6238] [U] [ 146.611171][ T6238] [U] [ 146.613882][ T6238] [U] [ 146.616589][ T6238] [U] [ 146.654899][ T6238] [U] [ 146.657639][ T6238] [U] [ 146.660344][ T6238] [U] [ 146.663047][ T6238] [U] [ 146.823556][ T6238] [U] [ 148.008111][ T6276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.290'. [ 148.017571][ T6276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.290'. [ 149.102612][ T6290] loop0: detected capacity change from 0 to 7 [ 149.160009][ T5421] loop0: [POWERTEC] p1 p2 p3 p4 [ 149.184438][ T5421] loop0: p1 start 2863311530 is beyond EOD, truncated [ 149.228817][ T5421] loop0: p2 start 4294949652 is beyond EOD, truncated [ 149.265129][ T5421] loop0: p3 start 1275611511 is beyond EOD, truncated [ 149.284073][ T6293] wg1: entered promiscuous mode [ 149.287631][ T5421] loop0: p4 start 785235130 is beyond EOD, truncated [ 149.324022][ T6290] loop0: [POWERTEC] p1 p2 p3 p4 [ 149.361109][ T6290] loop0: p1 start 2863311530 is beyond EOD, truncated [ 149.394407][ T6290] loop0: p2 start 4294949652 is beyond EOD, truncated [ 149.416034][ T6290] loop0: p3 start 1275611511 is beyond EOD, truncated [ 149.426210][ T6290] loop0: p4 start 785235130 is beyond EOD, truncated [ 149.605747][ T6302] ALSA: seq fatal error: cannot create timer (-22) [ 149.743100][ T6306] omfs: Invalid superblock (0) [ 150.717804][ T6313] program syz.2.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 150.836893][ T6316] dccp_invalid_packet: P.Data Offset(0) too small [ 150.918136][ T6319] netlink: 'syz.0.305': attribute type 1 has an invalid length. [ 150.950642][ T6319] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.305'. [ 151.176343][ T6327] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 151.184168][ T6327] IPv6: NLM_F_CREATE should be set when creating new route [ 151.191528][ T6327] IPv6: NLM_F_CREATE should be set when creating new route [ 151.228488][ T6327] usb usb8: usbfs: process 6327 (syz.3.307) did not claim interface 0 before use [ 153.671325][ T46] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 154.158586][ T6356] fuse: Unknown parameter '0xffffffffffffffff' [ 154.680373][ T46] usb 5-1: Using ep0 maxpacket: 8 [ 154.689929][ T46] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 154.718922][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 154.771327][ T46] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 154.844667][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 154.898487][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 154.910654][ T6363] netlink: 12 bytes leftover after parsing attributes in process `syz.0.319'. [ 154.969210][ T46] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 154.999332][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 155.034905][ T46] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 155.073761][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 155.130340][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 155.314484][ T46] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 155.330718][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 155.620541][ T5222] Bluetooth: hci0: command 0x0406 tx timeout [ 156.068736][ T46] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 156.081532][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 156.092737][ T46] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 156.108014][ T46] usb 5-1: string descriptor 0 read error: -22 [ 156.126409][ T46] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 156.135636][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.201893][ T46] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 156.300591][ T6374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.322'. [ 156.313521][ T6377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.324'. [ 156.425942][ T46] usb 5-1: USB disconnect, device number 8 [ 156.505320][ T6380] netlink: 104 bytes leftover after parsing attributes in process `syz.0.324'. [ 156.531899][ T5274] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 157.190486][ T5274] usb 2-1: Using ep0 maxpacket: 8 [ 157.199163][ T5274] usb 2-1: config 17 has an invalid descriptor of length 48, skipping remainder of the config [ 157.296935][ T5274] usb 2-1: config 17 has an invalid descriptor of length 48, skipping remainder of the config [ 157.298206][ T5274] usb 2-1: config 17 has an invalid descriptor of length 48, skipping remainder of the config [ 157.315600][ T5274] usb 2-1: config 17 has an invalid descriptor of length 48, skipping remainder of the config [ 157.319706][ T5274] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 157.319736][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 157.319757][ T5274] usb 2-1: SerialNumber: syz [ 157.336525][ T5274] usb 2-1: Found UVC 0.00 device (05ac:8501) [ 157.336558][ T5274] usb 2-1: No valid video chain found. [ 157.563665][ T5274] usb 2-1: USB disconnect, device number 6 [ 157.700773][ T6396] netlink: 60 bytes leftover after parsing attributes in process `syz.4.330'. [ 157.733804][ T6400] netlink: 36 bytes leftover after parsing attributes in process `syz.0.331'. [ 158.855073][ T6400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.331'. [ 159.560933][ T6420] netlink: 12 bytes leftover after parsing attributes in process `syz.2.335'. [ 160.308663][ T6424] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 160.466639][ T6431] xt_bpf: check failed: parse error [ 162.741305][ T46] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 162.955147][ T46] usb 3-1: config 0 has an invalid interface number: 199 but max is 1 [ 162.990363][ T46] usb 3-1: config 0 has no interface number 1 [ 163.020374][ T46] usb 3-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 163.050318][ T46] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 163.102115][ T46] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 163.126766][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 163.153143][ T46] usb 3-1: SerialNumber: syz [ 163.176416][ T46] usb 3-1: config 0 descriptor?? [ 163.403647][ T46] usb 3-1: Found UVC 0.00 device (0002:0000) [ 163.440579][ T46] usb 3-1: No valid video chain found. [ 163.535209][ T46] usb 3-1: USB disconnect, device number 6 [ 163.655276][ T6476] overlayfs: failed to resolve './file1': -2 [ 166.681695][ T6517] input: syz0 as /devices/virtual/input/input10 [ 166.817810][ T6519] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 171.080715][ T46] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 171.284067][ T46] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 171.316597][ T46] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 171.341295][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 171.350440][ T46] usb 5-1: SerialNumber: syz [ 171.363905][ T940] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 171.365855][ T46] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 171.582928][ T940] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 171.602271][ T940] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 171.619968][ T940] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 171.642023][ T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.671334][ T940] usb 4-1: config 0 descriptor?? [ 172.129969][ T940] Bluetooth: Can't get version to change to load ram patch err [ 172.153913][ T940] Bluetooth: Loading patch file failed [ 172.170895][ T940] ath3k 4-1:0.0: probe with driver ath3k failed with error -71 [ 172.185806][ T940] usb 4-1: USB disconnect, device number 2 [ 172.554687][ T6564] syz.2.382: attempt to access beyond end of device [ 172.554687][ T6564] nbd2: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 172.568572][ T6564] SQUASHFS error: Failed to read block 0x0: -5 [ 172.582540][ T6564] unable to read squashfs_super_block [ 172.649894][ T940] usb 5-1: USB disconnect, device number 9 [ 173.198105][ T6576] netlink: 'syz.4.385': attribute type 7 has an invalid length. [ 173.206158][ T6576] netlink: 'syz.4.385': attribute type 8 has an invalid length. [ 173.213947][ T6576] netlink: 224 bytes leftover after parsing attributes in process `syz.4.385'. [ 174.413555][ T6582] ======================================================= [ 174.413555][ T6582] WARNING: The mand mount option has been deprecated and [ 174.413555][ T6582] and is ignored by this kernel. Remove the mand [ 174.413555][ T6582] option from the mount to silence this warning. [ 174.413555][ T6582] ======================================================= [ 174.664227][ T5232] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 174.698909][ T5232] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 174.720045][ T5232] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 174.734395][ T5232] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 174.745006][ T5232] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 174.761112][ T5232] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 175.067713][ T6586] lo speed is unknown, defaulting to 1000 [ 175.803310][ T5232] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 175.812898][ T5232] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 175.827114][ T5232] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 175.850355][ T5232] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 175.861023][ T5232] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 175.870964][ T5232] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 175.885767][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.349234][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.439674][ T6593] lo speed is unknown, defaulting to 1000 [ 176.824176][ T5222] Bluetooth: hci5: command tx timeout [ 177.192182][ T5232] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 177.219797][ T5232] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 177.229550][ T5232] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 177.242045][ T5232] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 177.249928][ T5232] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 177.265737][ T5232] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 177.275782][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.629757][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.679408][ T6609] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 177.797086][ T6604] lo speed is unknown, defaulting to 1000 [ 177.940438][ T5222] Bluetooth: hci3: command tx timeout [ 178.009899][ T6586] chnl_net:caif_netlink_parms(): no params data found [ 178.369968][ T11] bridge_slave_1: left allmulticast mode [ 178.390739][ T11] bridge_slave_1: left promiscuous mode [ 178.413189][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.446432][ T11] bridge_slave_0: left allmulticast mode [ 178.460558][ T11] bridge_slave_0: left promiscuous mode [ 178.474263][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.900360][ T5222] Bluetooth: hci5: command tx timeout [ 179.385768][ T5227] Bluetooth: hci6: command tx timeout [ 179.594942][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 179.623418][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 179.646851][ T11] bond0 (unregistering): Released all slaves [ 180.030355][ T5227] Bluetooth: hci3: command tx timeout [ 180.039838][ T6586] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.063989][ T6586] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.071712][ T6586] bridge_slave_0: entered allmulticast mode [ 180.079771][ T6586] bridge_slave_0: entered promiscuous mode [ 180.094727][ T6586] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.110817][ T6586] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.118074][ T6586] bridge_slave_1: entered allmulticast mode [ 180.134443][ T6586] bridge_slave_1: entered promiscuous mode [ 181.001164][ T5227] Bluetooth: hci5: command tx timeout [ 181.393390][ T5227] Bluetooth: hci1: command 0x0406 tx timeout [ 181.400132][ T5238] Bluetooth: hci0: command 0x0406 tx timeout [ 181.406439][ T5237] Bluetooth: hci4: command 0x0406 tx timeout [ 181.461429][ T5222] Bluetooth: hci6: command tx timeout [ 182.110451][ T4609] Bluetooth: hci3: command tx timeout [ 182.483681][ T6586] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.795303][ T6586] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.885964][ T6669] tmpfs: Bad value for 'mpol' [ 182.928854][ T6593] chnl_net:caif_netlink_parms(): no params data found [ 183.052171][ T6672] netlink: 8 bytes leftover after parsing attributes in process `syz.4.411'. [ 183.061585][ T4609] Bluetooth: hci5: command tx timeout [ 183.087644][ T6675] loop0: detected capacity change from 0 to 7 [ 183.087779][ T6586] team0: Port device team_slave_0 added [ 183.122022][ T6675] Dev loop0: unable to read RDB block 7 [ 183.165727][ T6675] loop0: unable to read partition table [ 183.210626][ T6675] loop0: partition table beyond EOD, truncated [ 183.250742][ T6675] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 183.250742][ T6675] ) failed (rc=-5) [ 183.274604][ T6586] team0: Port device team_slave_1 added [ 183.543650][ T4609] Bluetooth: hci6: command tx timeout [ 183.642756][ T5216] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 183.644780][ T6689] sock: sock_timestamping_bind_phc: sock not bind to device [ 184.180896][ T4609] Bluetooth: hci3: command tx timeout [ 184.578686][ T11] hsr_slave_0: left promiscuous mode [ 184.585760][ T5216] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 184.600785][ T11] hsr_slave_1: left promiscuous mode [ 184.621700][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.640394][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.663764][ T5216] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.691906][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.713955][ T5216] usb 5-1: Product: syz [ 184.714083][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.745593][ T5216] usb 5-1: Manufacturer: syz [ 184.769362][ T5216] usb 5-1: SerialNumber: syz [ 184.792226][ T5216] usb 5-1: config 0 descriptor?? [ 184.862464][ T11] veth1_macvtap: left promiscuous mode [ 184.900879][ T11] veth0_macvtap: left promiscuous mode [ 184.916844][ T11] veth1_vlan: left promiscuous mode [ 184.943886][ T11] veth0_vlan: left promiscuous mode [ 185.001466][ T5273] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 185.870478][ T4609] Bluetooth: hci6: command tx timeout [ 185.944637][ T5273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.053709][ T5273] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 186.097811][ T5273] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 186.258445][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.402014][ T5273] usb 3-1: config 0 descriptor?? [ 186.981986][ T46] usb 5-1: USB disconnect, device number 10 [ 187.027218][ T5273] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 187.175298][ T5273] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 190.129925][ T5273] usb 3-1: USB disconnect, device number 7 [ 190.565229][ T11] team0 (unregistering): Port device team_slave_1 removed [ 190.630826][ T11] team0 (unregistering): Port device team_slave_0 removed [ 191.183872][ T6586] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.194079][ T6586] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.228232][ T6586] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.251089][ T6586] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.258209][ T6586] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.296726][ T6586] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.487302][ T6604] chnl_net:caif_netlink_parms(): no params data found [ 191.642714][ T4609] Bluetooth: hci0: unexpected event for opcode 0x041a [ 191.710519][ T6593] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.717682][ T6593] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.728288][ T6593] bridge_slave_0: entered allmulticast mode [ 191.736174][ T6593] bridge_slave_0: entered promiscuous mode [ 191.754244][ T6586] hsr_slave_0: entered promiscuous mode [ 191.767828][ T6586] hsr_slave_1: entered promiscuous mode [ 191.779246][ T6586] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 191.787722][ T6586] Cannot create hsr debugfs directory [ 191.840412][ T5273] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 191.848719][ T6593] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.865720][ T6593] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.876665][ T6593] bridge_slave_1: entered allmulticast mode [ 191.884233][ T6593] bridge_slave_1: entered promiscuous mode [ 192.026690][ T5273] usb 5-1: Using ep0 maxpacket: 16 [ 192.041459][ T6593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.043155][ T5273] usb 5-1: config 0 has an invalid descriptor of length 65, skipping remainder of the config [ 192.065760][ T6593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.076218][ T5273] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 192.089752][ T5273] usb 5-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00 [ 192.099204][ T5273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.120778][ T5273] usb 5-1: config 0 descriptor?? [ 192.129295][ T5273] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 192.212990][ T6604] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.236162][ T6604] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.244757][ T6604] bridge_slave_0: entered allmulticast mode [ 192.261967][ T6604] bridge_slave_0: entered promiscuous mode [ 192.365451][ T6604] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.390868][ T6604] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.398158][ T6604] bridge_slave_1: entered allmulticast mode [ 192.422898][ T6604] bridge_slave_1: entered promiscuous mode [ 193.376028][ T6593] team0: Port device team_slave_0 added [ 193.606650][ T6604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 195.876351][ T1258] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.883559][ T1258] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.925167][ T6593] team0: Port device team_slave_1 added [ 196.215420][ T6604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.476138][ T5362] usb 5-1: USB disconnect, device number 11 [ 196.527937][ T6593] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.564586][ T6593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.644904][ T6593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.785575][ T6604] team0: Port device team_slave_0 added [ 196.813392][ T6604] team0: Port device team_slave_1 added [ 196.835051][ T6748] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 196.842223][ T6748] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 196.886674][ T6593] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.895394][ T6593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.931792][ T6593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.108042][ T6586] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.229301][ T6586] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 39719 - 0 [ 197.259319][ T6586] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 51079 - 0 [ 197.392302][ T6604] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.399294][ T6604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.432521][ T6604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.517032][ T6758] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 198.272805][ T6586] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.305396][ T6586] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 39719 - 0 [ 198.330695][ T6586] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 51079 - 0 [ 198.374747][ T6604] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 198.390022][ T6604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.457428][ T6604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.562115][ T6586] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.586262][ T6586] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 39719 - 0 [ 198.615627][ T6586] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 51079 - 0 [ 198.647031][ T29] audit: type=1326 audit(1722848640.678:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 198.715678][ T29] audit: type=1326 audit(1722848640.688:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 198.780314][ T29] audit: type=1326 audit(1722848640.718:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 198.818850][ T6593] hsr_slave_0: entered promiscuous mode [ 198.840997][ T6593] hsr_slave_1: entered promiscuous mode [ 198.852460][ T6593] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.861401][ T29] audit: type=1326 audit(1722848640.718:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 198.884181][ T6593] Cannot create hsr debugfs directory [ 198.939087][ T6775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 198.955039][ T29] audit: type=1326 audit(1722848640.718:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 198.998361][ T29] audit: type=1326 audit(1722848640.718:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 199.056068][ T29] audit: type=1326 audit(1722848640.718:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 199.087837][ T29] audit: type=1326 audit(1722848640.718:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 199.129036][ T6604] hsr_slave_0: entered promiscuous mode [ 199.172489][ T6604] hsr_slave_1: entered promiscuous mode [ 199.189612][ T6769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 199.200746][ T29] audit: type=1326 audit(1722848640.728:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 199.229247][ T6604] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 199.240434][ T6604] Cannot create hsr debugfs directory [ 199.253412][ T29] audit: type=1326 audit(1722848640.728:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7ffc0000 [ 199.313244][ T6586] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.324226][ T6586] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 39719 - 0 [ 199.336392][ T6586] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 51079 - 0 [ 200.507795][ T6593] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.587905][ T6586] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 200.686851][ T6593] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.774505][ T6586] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 200.933010][ T6593] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.996120][ T6586] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 201.055568][ T6586] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 201.944575][ T6593] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.411960][ T6586] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.791155][ T6820] pimreg: entered allmulticast mode [ 202.800684][ T6593] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 202.835360][ T6593] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 203.474365][ T6586] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.577040][ T6586] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 203.588531][ T6586] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 203.656976][ T6593] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 204.205877][ T6593] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 204.250757][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 204.250775][ T29] audit: type=1326 audit(1722848646.288:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.415958][ T29] audit: type=1326 audit(1722848646.288:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.435121][ T940] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.444451][ T940] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.458260][ T940] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.465456][ T940] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.490809][ T29] audit: type=1326 audit(1722848646.288:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.527097][ T6826] netlink: 8 bytes leftover after parsing attributes in process `syz.2.438'. [ 204.553976][ T29] audit: type=1326 audit(1722848646.288:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.630460][ T29] audit: type=1326 audit(1722848646.288:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.686128][ T29] audit: type=1326 audit(1722848646.288:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.743117][ T29] audit: type=1326 audit(1722848646.288:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.784093][ T29] audit: type=1326 audit(1722848646.288:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.814459][ T29] audit: type=1326 audit(1722848646.288:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 204.839054][ T29] audit: type=1326 audit(1722848646.288:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6825 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08a55779f9 code=0x7fc00000 [ 206.302260][ T6586] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.575236][ T6586] veth0_vlan: entered promiscuous mode [ 206.628575][ T6593] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.651321][ T5271] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 206.663356][ T6586] veth1_vlan: entered promiscuous mode [ 206.775889][ T6593] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.814992][ T6604] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 206.854847][ T5273] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.862065][ T5273] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.873324][ T6604] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 206.873401][ T5271] usb 3-1: Using ep0 maxpacket: 16 [ 206.912842][ T5230] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.919973][ T5230] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.943054][ T5271] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 206.973641][ T6604] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 206.982912][ T5271] usb 3-1: New USB device found, idVendor=05ac, idProduct=0236, bcdDevice= 0.40 [ 207.003956][ T5271] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.022046][ T6604] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 207.051939][ T5271] usb 3-1: Product: syz [ 207.062301][ T5271] usb 3-1: Manufacturer: syz [ 207.074484][ T5271] usb 3-1: SerialNumber: syz [ 207.134590][ T5271] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input11 [ 207.150934][ T6586] veth0_macvtap: entered promiscuous mode [ 207.197749][ T6586] veth1_macvtap: entered promiscuous mode [ 207.337764][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.358183][ T4656] bcm5974 3-1:1.0: could not read from device [ 207.380488][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.401016][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.427203][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.455234][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.517535][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.559862][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.740769][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.971275][ T6586] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.981871][ T4656] bcm5974 3-1:1.0: could not read from device [ 208.043224][ T4656] bcm5974 3-1:1.0: could not read from device [ 208.057018][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.067880][ T5271] usb 3-1: USB disconnect, device number 8 [ 208.089739][ T6878] netlink: 32 bytes leftover after parsing attributes in process `syz.4.447'. [ 208.112859][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.150328][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.174780][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.243117][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.310498][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.362614][ T6586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.427589][ T6586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.477835][ T6586] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 208.576176][ T6586] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.599352][ T6586] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.616931][ T6586] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.655039][ T6586] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.852732][ T6593] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.931753][ T6604] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.174742][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.253315][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.343060][ T6604] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.499388][ T5230] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.500369][ T2564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.506584][ T5230] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.534806][ T2564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.651512][ T6593] veth0_vlan: entered promiscuous mode [ 209.672607][ T5362] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.680153][ T5362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.727817][ T6593] veth1_vlan: entered promiscuous mode [ 209.867594][ T6593] veth0_macvtap: entered promiscuous mode [ 209.904733][ T6593] veth1_macvtap: entered promiscuous mode [ 210.017611][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.056300][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.080417][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.104247][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.130266][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.160414][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.210016][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.237938][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.280598][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.320605][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.348388][ T6593] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.405385][ T6926] netlink: 'syz.4.455': attribute type 7 has an invalid length. [ 210.487948][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.524873][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.542878][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.562679][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.578271][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.601103][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.618941][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.647706][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.680384][ T6593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.710856][ T6593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.729867][ T6593] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.770112][ T6604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 210.891278][ T6593] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.900046][ T6593] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.960980][ T6593] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.969827][ T6593] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.358081][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.425561][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.536252][ T2564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.574910][ T6604] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.588418][ T2564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.719070][ T6604] veth0_vlan: entered promiscuous mode [ 211.773512][ T6604] veth1_vlan: entered promiscuous mode [ 211.932589][ T6604] veth0_macvtap: entered promiscuous mode [ 211.990997][ T6974] x_tables: duplicate underflow at hook 1 [ 212.006960][ T6604] veth1_macvtap: entered promiscuous mode [ 212.013384][ T6974] capability: warning: `syz.2.463' uses 32-bit capabilities (legacy support in use) [ 212.087600][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.103118][ T6981] netlink: 24 bytes leftover after parsing attributes in process `syz.1.464'. [ 212.119905][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.150406][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.183118][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.183141][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.183159][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.183169][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.183182][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.183212][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.183225][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.183240][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.183252][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.188086][ T6604] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.225789][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.225815][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.225826][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.225839][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.225849][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.225862][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.225872][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.225885][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.225897][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.225910][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.225921][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.225934][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.233878][ T6604] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.273690][ T6604] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.490819][ T6983] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "" [ 212.530530][ T6604] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.530569][ T6604] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.530596][ T6604] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.022577][ T5230] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 213.369255][ T5230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.650617][ T5230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.733898][ T5230] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 213.789352][ T2564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.819263][ T5230] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 213.852940][ T2564] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.863461][ T5230] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.906135][ T5230] usb 5-1: config 0 descriptor?? [ 213.993521][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 214.069730][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.836111][ T5230] plantronics 0003:047F:FFFF.0006: unbalanced collection at end of report description [ 214.865828][ T5230] plantronics 0003:047F:FFFF.0006: parse failed [ 214.878068][ T5230] plantronics 0003:047F:FFFF.0006: probe with driver plantronics failed with error -22 [ 215.085955][ T5230] usb 5-1: USB disconnect, device number 12 [ 215.190187][ T7025] random: crng reseeded on system resumption [ 217.295699][ T7034] netlink: 4 bytes leftover after parsing attributes in process `syz.3.475'. [ 217.600462][ T940] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 217.883731][ T940] usb 5-1: Using ep0 maxpacket: 32 [ 217.924757][ T940] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 217.967208][ T940] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 218.042583][ T940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.096828][ T940] usb 5-1: Product: syz [ 218.117340][ T940] usb 5-1: Manufacturer: syz [ 218.134032][ T940] usb 5-1: SerialNumber: syz [ 218.175406][ T940] usb 5-1: config 0 descriptor?? [ 218.228995][ T7036] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 218.268095][ T940] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 218.400466][ T2942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.426287][ T2942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.638940][ T5362] usb 5-1: USB disconnect, device number 13 [ 219.323220][ T7054] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 219.335044][ T4609] Bluetooth: Unexpected start frame (len 16) [ 219.338193][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.341275][ T4609] Bluetooth: Frame is too long (len 16, expected len 4) [ 219.385484][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.440810][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.491095][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.516025][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.568451][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.587318][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.607440][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.676238][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.696223][ T7079] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.716460][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.729336][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.760505][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.771704][ T7079] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.798909][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.847842][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.870890][ T7095] netlink: 5 bytes leftover after parsing attributes in process `syz.4.489'. [ 219.874489][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.905893][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.948297][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.970893][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.978422][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 219.979868][ T7095] lo speed is unknown, defaulting to 1000 [ 219.998974][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.030777][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.038239][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.081125][ T4609] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 220.088136][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.128712][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.186333][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.223861][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.273325][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.311550][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.324902][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.339533][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.376109][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 220.407624][ T940] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 221.366807][ T940] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 223.554821][ T7154] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 224.059272][ T7165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.503'. [ 224.336870][ T7178] netlink: 'syz.3.506': attribute type 3 has an invalid length. [ 224.344748][ T7178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.506'. [ 230.091416][ T5216] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 230.941596][ T7207] overlayfs: failed to resolve './file0': -2 [ 231.029819][ T7214] program syz.0.515 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 231.041229][ T7214] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 231.055434][ T7214] ubi0: attaching mtd0 [ 231.072254][ T7214] ubi0: scanning is finished [ 231.076964][ T7214] ubi0: empty MTD device detected [ 231.164980][ T5216] usb 5-1: config 0 has an invalid interface number: 154 but max is 0 [ 231.311030][ T940] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 231.355390][ T5216] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 231.541146][ T7214] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 231.675471][ T5216] usb 5-1: config 0 has no interface number 0 [ 231.685257][ T5216] usb 5-1: New USB device found, idVendor=413c, idProduct=8196, bcdDevice=1f.e0 [ 231.694660][ T5216] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.711642][ T5216] usb 5-1: config 0 descriptor?? [ 231.722866][ T5216] qmi_wwan 5-1:0.154: probe with driver qmi_wwan failed with error -22 [ 231.770512][ T940] usb 4-1: Using ep0 maxpacket: 8 [ 231.785250][ T940] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 231.806584][ T940] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 231.830293][ T940] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 231.850514][ T940] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 231.900645][ T940] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 231.910727][ T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.986098][ T5216] usb 5-1: USB disconnect, device number 14 [ 232.001026][ T7223] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.182941][ T940] usb 4-1: GET_CAPABILITIES returned 0 [ 232.192594][ T940] usbtmc 4-1:16.0: can't read capabilities [ 232.245473][ T7227] netlink: 8 bytes leftover after parsing attributes in process `syz.2.521'. [ 232.791748][ T7234] usbtmc 4-1:16.0: send_request_dev_dep_msg_in returned -90 [ 233.426440][ T7232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.523'. [ 235.542663][ T25] usb 4-1: USB disconnect, device number 3 [ 235.763869][ T7260] syz.4.532: attempt to access beyond end of device [ 235.763869][ T7260] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0 [ 235.821592][ T7260] isofs_fill_super: bread failed, dev=nbd4, iso_blknum=16, block=32 [ 235.892757][ T7262] netlink: 'syz.3.533': attribute type 4 has an invalid length. [ 237.292260][ T29] kauditd_printk_skb: 57 callbacks suppressed [ 237.292278][ T29] audit: type=1326 audit(1722848679.068:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7269 comm="syz.3.536" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x0 [ 237.705842][ T7288] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.746909][ T7288] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.397251][ T7307] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.663919][ T7318] input: syz0 as /devices/virtual/input/input12 [ 239.011140][ T7321] netlink: 'syz.0.550': attribute type 25 has an invalid length. [ 239.110594][ T7321] netlink: 'syz.0.550': attribute type 8 has an invalid length. [ 239.887272][ T7328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.553'. [ 240.840663][ T7328] netlink: 104 bytes leftover after parsing attributes in process `syz.4.553'. [ 241.278342][ T7348] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 241.301405][ T7348] cramfs: wrong magic [ 242.420904][ T5216] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 242.468844][ T4609] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 242.780369][ T5216] usb 4-1: Using ep0 maxpacket: 16 [ 242.840482][ T940] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 243.362971][ T5216] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 243.701131][ T5216] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 243.778919][ T5216] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.788452][ T940] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 243.864510][ T940] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 244.119857][ T5216] usb 4-1: config 0 descriptor?? [ 244.125214][ T940] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 244.140698][ T940] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 244.153229][ T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.167225][ T7376] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 245.030821][ T5362] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 245.193473][ T7360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 245.210726][ T7360] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 245.440607][ T5362] usb 2-1: Using ep0 maxpacket: 32 [ 245.462375][ T5362] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 245.468858][ T5216] hid-generic 0003:0158:0100.0008: unknown main item tag 0x1 [ 245.509581][ T5216] hid-generic 0003:0158:0100.0008: unexpected long global item [ 245.754045][ T5362] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.846573][ T5362] usb 2-1: config 0 descriptor?? [ 245.888602][ T5362] gspca_main: sq930x-2.14.0 probing 041e:403c [ 246.569746][ T5216] hid-generic 0003:0158:0100.0008: probe with driver hid-generic failed with error -22 [ 246.599349][ T5216] usb 4-1: USB disconnect, device number 4 [ 246.762969][ T7408] sp0: Synchronizing with TNC [ 247.313686][ T7415] netlink: 20 bytes leftover after parsing attributes in process `syz.2.585'. [ 249.813575][ T5362] gspca_sq930x: ucbus_write failed -110 [ 249.819258][ T5362] sq930x 2-1:0.0: probe with driver sq930x failed with error -110 [ 249.877884][ T940] aiptek 1-1:17.0: Aiptek using 400 ms programming speed [ 249.905272][ T940] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input13 [ 249.936100][ T29] audit: type=1326 audit(1722848691.978:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 249.944238][ T5271] usb 2-1: USB disconnect, device number 7 [ 250.015976][ T940] usb 1-1: USB disconnect, device number 7 [ 250.021850][ C0] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 250.204785][ T29] audit: type=1326 audit(1722848692.018:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 250.339074][ T7426] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 250.372287][ T29] audit: type=1326 audit(1722848692.028:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 250.427693][ T7417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 250.571727][ T29] audit: type=1326 audit(1722848692.028:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 250.690360][ T29] audit: type=1326 audit(1722848692.028:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 250.786859][ T29] audit: type=1326 audit(1722848692.028:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 250.880306][ T29] audit: type=1326 audit(1722848692.028:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 250.970148][ T29] audit: type=1326 audit(1722848692.028:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 251.179292][ T29] audit: type=1326 audit(1722848692.028:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 251.259562][ T29] audit: type=1326 audit(1722848692.028:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7412 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a7f779f9 code=0x7ffc0000 [ 252.125246][ T7443] befs: (nbd4): No write support. Marking filesystem read-only [ 252.133448][ T7443] syz.4.583: attempt to access beyond end of device [ 252.133448][ T7443] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 252.399336][ T7451] evm: overlay not supported [ 253.850319][ T5230] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 253.888978][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.600'. [ 254.060403][ T5230] usb 4-1: Using ep0 maxpacket: 32 [ 254.076028][ T5230] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 254.092880][ T5230] usb 4-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=db.8b [ 254.113913][ T5230] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.152587][ T5230] usb 4-1: config 0 descriptor?? [ 254.410446][ T5230] usb 4-1: USB disconnect, device number 5 [ 254.601790][ T7493] netlink: 104 bytes leftover after parsing attributes in process `syz.2.604'. [ 255.043633][ T7501] qrtr: Invalid version 48 [ 255.067569][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.2.606'. [ 255.180149][ T7501] loop7: detected capacity change from 0 to 7 [ 255.195738][ T7501] Dev loop7: unable to read RDB block 7 [ 255.208833][ T7501] loop7: unable to read partition table [ 255.228205][ T7501] loop7: partition table beyond EOD, truncated [ 255.242141][ T7501] loop_reread_partitions: partition scan of loop7 (被xڬdƤݡ [ 255.242141][ T7501] ) failed (rc=-5) [ 255.270672][ T4609] Bluetooth: hci0: unexpected event for opcode 0x200f [ 256.104077][ T1258] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.110512][ T1258] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.312484][ T7527] No buffer was provided with the request [ 257.381121][ T7532] Bluetooth: MGMT ver 1.23 [ 257.920349][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 259.303928][ T4609] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 259.312800][ T4609] Bluetooth: hci0: Injecting HCI hardware error event [ 259.321493][ T5222] Bluetooth: hci0: hardware error 0x00 [ 260.885835][ T940] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 260.940419][ T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 261.144712][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 261.154288][ T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.223409][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 261.240353][ T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 261.271403][ T9] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 261.300253][ T940] usb 4-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 261.315495][ T7577] netlink: 'syz.0.630': attribute type 3 has an invalid length. [ 261.323346][ T7577] netlink: 'syz.0.630': attribute type 1 has an invalid length. [ 261.331070][ T7577] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.630'. [ 261.464331][ T5222] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 261.474002][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.482283][ T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.555007][ T940] usb 4-1: config 0 descriptor?? [ 261.562450][ T9] usb 3-1: config 0 descriptor?? [ 262.122155][ T940] steelseries 0003:1038:12B6.0009: item fetching failed at offset 6/7 [ 262.170609][ T940] steelseries 0003:1038:12B6.0009: probe with driver steelseries failed with error -22 [ 262.493602][ T940] usb 4-1: USB disconnect, device number 6 [ 262.871864][ T7566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 262.926133][ T7566] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 263.093752][ T9] hid-generic 0003:0158:0100.000A: unknown main item tag 0x1 [ 263.130452][ T9] hid-generic 0003:0158:0100.000A: unexpected long global item [ 263.154572][ T9] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22 [ 263.390975][ T5216] usb 3-1: USB disconnect, device number 9 [ 263.477754][ T7598] netlink: 8 bytes leftover after parsing attributes in process `syz.4.637'. [ 263.541414][ T5222] Bluetooth: hci0: Opcode 0x206c failed: -110 [ 264.726322][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 264.726338][ T29] audit: type=1326 audit(1722848706.768:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 264.775310][ T29] audit: type=1326 audit(1722848706.808:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 264.804712][ T29] audit: type=1326 audit(1722848706.808:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 264.856161][ T29] audit: type=1326 audit(1722848706.808:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 264.937674][ T29] audit: type=1326 audit(1722848706.808:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 264.962513][ T29] audit: type=1326 audit(1722848706.838:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 265.026472][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 265.095814][ T29] audit: type=1326 audit(1722848706.838:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 265.132892][ T7624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 265.154568][ T29] audit: type=1326 audit(1722848706.838:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 265.707876][ T5222] Bluetooth: hci0: Opcode 0x2046 failed: -110 [ 265.725833][ T29] audit: type=1326 audit(1722848706.848:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 265.778839][ T29] audit: type=1326 audit(1722848706.848:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7612 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f577779f9 code=0x7ffc0000 [ 265.871555][ T7624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 266.660470][ T940] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 266.871241][ T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 266.905256][ T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 266.930157][ T940] usb 4-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00 [ 266.955656][ T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.991116][ T940] usb 4-1: config 0 descriptor?? [ 267.040326][ T5362] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 267.240343][ T5362] usb 2-1: Using ep0 maxpacket: 16 [ 267.248155][ T5362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 267.318540][ T7666] program syz.2.657 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 267.328446][ T7666] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 267.340690][ T7666] ubi0: attaching mtd0 [ 267.349917][ T7666] ubi0: scanning is finished [ 267.655860][ T5362] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 267.698842][ T5362] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.870305][ T5362] usb 2-1: config 0 descriptor?? [ 267.924798][ T7666] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 268.082611][ T7667] ptrace attach of "./syz-executor exec"[6593] was attempted by "./syz-executor exec"[7667] [ 268.108042][ T7667] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 268.125462][ T940] cougar 0003:060B:700A.000B: hidraw0: USB HID v0.00 Device [HID 060b:700a] on usb-dummy_hcd.3-1/input0 [ 268.324287][ T25] usb 4-1: USB disconnect, device number 7 [ 268.507595][ T7657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 268.541276][ T7657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 268.596974][ T5362] hid-generic 0003:0158:0100.000C: unknown main item tag 0x1 [ 268.616323][ T5362] hid-generic 0003:0158:0100.000C: unexpected long global item [ 268.628576][ T5362] hid-generic 0003:0158:0100.000C: probe with driver hid-generic failed with error -22 [ 268.771896][ T940] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 268.908864][ T25] usb 2-1: USB disconnect, device number 8 [ 268.990706][ T940] usb 1-1: Using ep0 maxpacket: 8 [ 269.024276][ T940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.062517][ T940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.083028][ T7677] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 269.090378][ T940] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 269.138588][ T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.191454][ T940] usb 1-1: config 0 descriptor?? [ 269.617822][ T940] lenovo 0003:17EF:6067.000D: unknown main item tag 0x0 [ 269.636516][ T940] lenovo 0003:17EF:6067.000D: item fetching failed at offset 5/7 [ 269.666397][ T940] lenovo 0003:17EF:6067.000D: hid_parse failed [ 269.685942][ T940] lenovo 0003:17EF:6067.000D: probe with driver lenovo failed with error -22 [ 269.843448][ T940] usb 1-1: USB disconnect, device number 8 [ 270.369669][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 270.369687][ T29] audit: type=1326 audit(1722848712.408:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 270.620299][ T29] audit: type=1326 audit(1722848712.418:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 270.725238][ T7701] netlink: 20 bytes leftover after parsing attributes in process `syz.0.670'. [ 270.787276][ T29] audit: type=1326 audit(1722848712.438:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 270.868301][ T29] audit: type=1326 audit(1722848712.438:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 272.175042][ T29] audit: type=1326 audit(1722848712.438:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 272.873721][ T29] audit: type=1326 audit(1722848712.458:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 272.919099][ T5222] Bluetooth: hci6: SCO packet for unknown connection handle 0 [ 272.922506][ T29] audit: type=1326 audit(1722848712.458:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 272.969938][ T29] audit: type=1326 audit(1722848712.458:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 273.009976][ T29] audit: type=1326 audit(1722848712.478:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 273.108960][ T29] audit: type=1326 audit(1722848712.478:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7691 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f873779f9 code=0x7ffc0000 [ 274.045824][ T7705] lo speed is unknown, defaulting to 1000 [ 274.662612][ T7726] syz.0.678: attempt to access beyond end of device [ 274.662612][ T7726] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 274.690343][ T7726] isofs_fill_super: bread failed, dev=nbd0, iso_blknum=16, block=32 [ 274.798569][ T940] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 274.901883][ T5222] Bluetooth: hci6: command 0x0405 tx timeout [ 275.068817][ T940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.105414][ T940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.127782][ T940] usb 3-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00 [ 275.168547][ T940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.212781][ T940] usb 3-1: config 0 descriptor?? [ 275.279690][ T7730] lo speed is unknown, defaulting to 1000 [ 275.728727][ T940] wacom 0003:056A:5000.000E: hidraw0: USB HID v0.00 Device [HID 056a:5000] on usb-dummy_hcd.2-1/input0 [ 276.948913][ T940] usb 3-1: USB disconnect, device number 10 [ 278.460719][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 278.460735][ T29] audit: type=1326 audit(1722848720.508:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.499392][ T29] audit: type=1326 audit(1722848720.528:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.526062][ T29] audit: type=1326 audit(1722848720.538:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.610497][ T29] audit: type=1326 audit(1722848720.538:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.651759][ T29] audit: type=1326 audit(1722848720.538:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.768246][ T29] audit: type=1326 audit(1722848720.538:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.780809][ T7755] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 278.822473][ T29] audit: type=1326 audit(1722848720.548:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.904457][ T29] audit: type=1326 audit(1722848720.558:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.930859][ T4609] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 278.943451][ T4609] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 278.952777][ T4609] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 278.961207][ T4609] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 278.969897][ T29] audit: type=1326 audit(1722848720.558:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 278.998651][ T29] audit: type=1326 audit(1722848720.558:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7749 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd6b779f9 code=0x7ffc0000 [ 279.020251][ T4609] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 279.029002][ T4609] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 279.123903][ T7758] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 279.409459][ T7759] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.431106][ T7756] lo speed is unknown, defaulting to 1000 [ 280.458674][ T7756] chnl_net:caif_netlink_parms(): no params data found [ 280.538828][ T7767] program syz.3.686 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 280.548280][ T7767] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 280.558361][ T7767] ubi0: attaching mtd0 [ 280.564509][ T7767] ubi0: scanning is finished [ 280.607703][ T7767] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 280.615416][ T7767] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 280.622803][ T7767] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 280.629808][ T7767] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 280.637329][ T7767] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 280.644195][ T7767] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 280.652289][ T7767] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2390393018 [ 280.662357][ T7767] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 280.688331][ T7779] ubi0: background thread "ubi_bgt0d" started, PID 7779 [ 281.061703][ T4609] Bluetooth: hci7: command tx timeout [ 281.189384][ T1286] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.220510][ T1286] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 38596 - 0 [ 281.240520][ T1286] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 59033 - 0 [ 281.489840][ T1286] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.520426][ T1286] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 38596 - 0 [ 281.533379][ T1286] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 59033 - 0 [ 281.592569][ T7756] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.599663][ T7756] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.631824][ T7756] bridge_slave_0: entered allmulticast mode [ 281.650705][ T7756] bridge_slave_0: entered promiscuous mode [ 281.681885][ T1286] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.704896][ T1286] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 38596 - 0 [ 281.729494][ T1286] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 59033 - 0 [ 281.787429][ T7756] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.806078][ T7756] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.847175][ T7756] bridge_slave_1: entered allmulticast mode [ 281.869961][ T7756] bridge_slave_1: entered promiscuous mode [ 281.939469][ T5222] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 281.950285][ T5222] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 281.959425][ T5222] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 281.967783][ T5222] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 281.976273][ T5222] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 281.983816][ T5222] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 282.074769][ T1286] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.086292][ T1286] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 38596 - 0 [ 282.097016][ T1286] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 59033 - 0 [ 282.234003][ T7756] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 282.271851][ T7797] lo speed is unknown, defaulting to 1000 [ 282.275293][ T7756] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 282.537884][ T7756] team0: Port device team_slave_0 added [ 282.571640][ T7756] team0: Port device team_slave_1 added [ 282.744168][ T7806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 282.880685][ T7756] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 282.895006][ T7808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 282.896025][ T7756] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 282.987152][ T7756] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 283.027215][ T7756] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 283.049627][ T7756] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 283.100539][ T7756] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 283.142169][ T4609] Bluetooth: hci7: command tx timeout [ 283.149714][ T1286] bridge_slave_1: left allmulticast mode [ 283.157139][ T1286] bridge_slave_1: left promiscuous mode [ 283.174453][ T1286] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.233335][ T1286] bridge_slave_0: left allmulticast mode [ 283.260722][ T1286] bridge_slave_0: left promiscuous mode [ 283.279752][ T1286] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.021312][ T4609] Bluetooth: hci0: command tx timeout [ 285.220529][ T4609] Bluetooth: hci7: command tx timeout [ 285.429254][ T1286] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 285.524839][ T1286] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 285.569083][ T1286] bond0 (unregistering): Released all slaves [ 285.639320][ T1286] bond1 (unregistering): Released all slaves [ 286.105390][ T4609] Bluetooth: hci0: command tx timeout [ 287.226803][ T7756] hsr_slave_0: entered promiscuous mode [ 287.243677][ T7756] hsr_slave_1: entered promiscuous mode [ 287.264904][ T7756] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 287.279604][ T7756] Cannot create hsr debugfs directory [ 287.300647][ T5362] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 287.310019][ T4609] Bluetooth: hci7: command tx timeout [ 287.503212][ T5362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 287.518866][ T5362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 287.539643][ T5362] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 287.563685][ T5362] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 287.579646][ T5362] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.602247][ T5362] usb 2-1: config 0 descriptor?? [ 288.163335][ T5362] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 288.180343][ T4609] Bluetooth: hci0: command tx timeout [ 288.191127][ T5362] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 288.236664][ T5362] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 288.551188][ T1286] hsr_slave_0: left promiscuous mode [ 288.569276][ T1286] hsr_slave_1: left promiscuous mode [ 288.576362][ T1286] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 288.599331][ T1286] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 288.621645][ T1286] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 288.637712][ T1286] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 288.691806][ T1286] veth1_macvtap: left promiscuous mode [ 288.697437][ T1286] veth0_macvtap: left promiscuous mode [ 288.713404][ T1286] veth1_vlan: left promiscuous mode [ 288.719894][ T1286] veth0_vlan: left promiscuous mode [ 288.934186][ T1286] pimreg (unregistering): left allmulticast mode [ 290.260754][ T4609] Bluetooth: hci0: command tx timeout [ 290.286782][ T1286] team0 (unregistering): Port device team_slave_1 removed [ 290.408625][ T25] usb 2-1: USB disconnect, device number 9 [ 290.714224][ T1286] team0 (unregistering): Port device team_slave_0 removed [ 293.251438][ T5222] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 293.263809][ T5222] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 293.280668][ T5222] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 293.298638][ T5222] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 293.319468][ T5222] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 293.329756][ T5222] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 293.690490][ T7855] netlink: 36 bytes leftover after parsing attributes in process `syz.1.709'. [ 293.843642][ T7857] lo speed is unknown, defaulting to 1000 [ 294.214717][ T7756] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.340935][ T7797] chnl_net:caif_netlink_parms(): no params data found [ 294.604067][ T7756] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.892850][ T7756] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.044370][ T5222] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 295.070533][ T5222] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 295.090055][ T5222] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 295.110887][ T5222] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 295.130369][ T5222] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 295.137790][ T5222] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 295.253219][ T7756] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.369570][ T7797] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.383366][ T5222] Bluetooth: hci6: command tx timeout [ 295.409380][ T7797] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.427622][ T7797] bridge_slave_0: entered allmulticast mode [ 295.451798][ T7797] bridge_slave_0: entered promiscuous mode [ 295.631847][ T7797] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.639004][ T7797] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.722097][ T7797] bridge_slave_1: entered allmulticast mode [ 295.760481][ T7797] bridge_slave_1: entered promiscuous mode [ 295.985561][ T7892] netlink: 'syz.1.716': attribute type 16 has an invalid length. [ 295.989882][ T1286] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.028372][ T7892] netlink: 'syz.1.716': attribute type 3 has an invalid length. [ 296.049425][ T7882] lo speed is unknown, defaulting to 1000 [ 296.075336][ T7892] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.716'. [ 296.150830][ T7797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.294753][ T1286] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.406411][ T7797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 296.543822][ T1286] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.669501][ T7797] team0: Port device team_slave_0 added [ 296.804011][ T1286] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.866368][ T7797] team0: Port device team_slave_1 added [ 297.089010][ T7756] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 297.223921][ T5232] Bluetooth: hci8: command tx timeout [ 297.293720][ T7797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 297.320584][ T7797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.400295][ T7797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 297.445683][ T7756] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 297.460464][ T5232] Bluetooth: hci6: command tx timeout [ 297.539862][ T7797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 297.563705][ T7797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.658443][ T7797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 297.745729][ T7756] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 297.792612][ T7756] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 298.096572][ T7857] chnl_net:caif_netlink_parms(): no params data found [ 298.427464][ T7797] hsr_slave_0: entered promiscuous mode [ 298.470605][ T7797] hsr_slave_1: entered promiscuous mode [ 298.486278][ T7797] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 298.498264][ T7797] Cannot create hsr debugfs directory [ 298.721304][ T1286] bridge_slave_1: left allmulticast mode [ 298.726994][ T1286] bridge_slave_1: left promiscuous mode [ 298.776434][ T1286] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.893103][ T1286] bridge_slave_0: left allmulticast mode [ 298.909036][ T1286] bridge_slave_0: left promiscuous mode [ 298.915348][ T1286] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.148668][ T5232] Bluetooth: hci5: command 0x0406 tx timeout [ 299.159131][ T5237] Bluetooth: hci3: command 0x0406 tx timeout [ 299.308548][ T4609] Bluetooth: hci8: command tx timeout [ 299.551405][ T4609] Bluetooth: hci6: command tx timeout [ 300.220927][ T5362] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 300.470351][ T5362] usb 2-1: Using ep0 maxpacket: 8 [ 300.496661][ T5362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 300.520870][ T1286] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 300.550337][ T5362] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 300.572482][ T5362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7 [ 300.584354][ T1286] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 300.590238][ T5362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 300.622617][ T5362] usb 2-1: New USB device found, idVendor=04ca, idProduct=3bfb, bcdDevice=6e.b5 [ 300.634137][ T1286] bond0 (unregistering): Released all slaves [ 300.640295][ T5362] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.658652][ T5362] usb 2-1: Product: syz [ 300.663374][ T5362] usb 2-1: Manufacturer: syz [ 300.667993][ T5362] usb 2-1: SerialNumber: syz [ 300.712124][ T5362] usb 2-1: config 0 descriptor?? [ 301.250515][ T7857] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.257759][ T7857] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.280496][ T7857] bridge_slave_0: entered allmulticast mode [ 301.287961][ T7857] bridge_slave_0: entered promiscuous mode [ 301.318232][ T7857] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.334007][ T7857] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.353353][ T7857] bridge_slave_1: entered allmulticast mode [ 301.377743][ T7857] bridge_slave_1: entered promiscuous mode [ 301.390699][ T4609] Bluetooth: hci8: command tx timeout [ 301.519624][ T5362] usb 2-1: USB disconnect, device number 10 [ 301.620400][ T4609] Bluetooth: hci6: command tx timeout [ 301.670440][ T7857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 301.823793][ T7857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 302.186577][ T7882] chnl_net:caif_netlink_parms(): no params data found [ 302.329637][ T1286] hsr_slave_0: left promiscuous mode [ 302.392504][ T1286] hsr_slave_1: left promiscuous mode [ 302.410753][ T1286] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 302.441048][ T1286] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 302.456860][ T1286] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 302.480313][ T1286] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 302.534881][ T1286] veth1_macvtap: left promiscuous mode [ 302.551236][ T1286] veth0_macvtap: left promiscuous mode [ 302.582418][ T1286] veth1_vlan: left promiscuous mode [ 302.598451][ T1286] veth0_vlan: left promiscuous mode [ 303.469311][ T4609] Bluetooth: hci8: command tx timeout [ 304.064395][ T1286] team0 (unregistering): Port device team_slave_1 removed [ 304.201937][ T1286] team0 (unregistering): Port device team_slave_0 removed [ 305.191242][ T7857] team0: Port device team_slave_0 added [ 305.533511][ T7956] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 305.543371][ T7956] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 305.552277][ T7956] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 305.561098][ T7956] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 305.591911][ T7956] vxlan0: entered promiscuous mode [ 305.622255][ T7857] team0: Port device team_slave_1 added [ 306.076528][ T7857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 306.089646][ T7857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 306.149621][ T7857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 306.166186][ T7857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 306.180774][ T7857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 306.215182][ T7857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 306.847716][ T7857] hsr_slave_0: entered promiscuous mode [ 306.865205][ T7857] hsr_slave_1: entered promiscuous mode [ 306.905719][ T7857] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 306.920344][ T7857] Cannot create hsr debugfs directory [ 306.940848][ T7756] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.158774][ T7882] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.190687][ T7882] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.198006][ T7882] bridge_slave_0: entered allmulticast mode [ 307.217928][ T7882] bridge_slave_0: entered promiscuous mode [ 307.357799][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.365784][ T7882] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.380791][ T7882] bridge_slave_1: entered allmulticast mode [ 307.390963][ T7882] bridge_slave_1: entered promiscuous mode [ 307.521211][ T7882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 307.605237][ T7882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 308.768064][ T7797] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 309.002431][ T7882] team0: Port device team_slave_0 added [ 309.043005][ T7756] 8021q: adding VLAN 0 to HW filter on device team0 [ 309.127929][ T7797] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 309.177875][ T7797] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 309.246639][ T7882] team0: Port device team_slave_1 added [ 309.316398][ T7797] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 309.393397][ T940] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.400624][ T940] bridge0: port 1(bridge_slave_0) entered forwarding state [ 309.449577][ T7882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 309.457516][ T7882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 309.487633][ T7882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 309.503416][ T940] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.510652][ T940] bridge0: port 2(bridge_slave_1) entered forwarding state [ 309.593419][ T7857] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.683391][ T7882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 309.699008][ T7882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 309.742431][ T7882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 309.873582][ T7857] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.152559][ T7857] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.213117][ T7882] hsr_slave_0: entered promiscuous mode [ 310.230779][ T7882] hsr_slave_1: entered promiscuous mode [ 310.261092][ T7882] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 310.268692][ T7882] Cannot create hsr debugfs directory [ 310.458376][ T7857] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.738994][ T7994] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 310.817745][ T7797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 311.028992][ T7797] 8021q: adding VLAN 0 to HW filter on device team0 [ 311.126018][ T5216] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.133223][ T5216] bridge0: port 1(bridge_slave_0) entered forwarding state [ 311.297071][ T5216] bridge0: port 2(bridge_slave_1) entered blocking state [ 311.304302][ T5216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 311.380635][ T7857] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 311.393617][ T7857] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 311.538086][ T7857] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 311.576499][ T7857] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 311.855514][ T8013] netlink: 'syz.1.733': attribute type 5 has an invalid length. [ 311.955642][ T7756] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 312.566872][ T7857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 312.818386][ T7857] 8021q: adding VLAN 0 to HW filter on device team0 [ 312.935366][ T5216] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.942624][ T5216] bridge0: port 1(bridge_slave_0) entered forwarding state [ 312.985670][ T5216] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.994233][ T5216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.070508][ T7882] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 313.107266][ T7882] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 313.179819][ T7797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 313.249131][ T7882] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 313.272259][ T7882] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 313.498803][ T7756] veth0_vlan: entered promiscuous mode [ 313.543789][ T7756] veth1_vlan: entered promiscuous mode [ 313.583674][ T7857] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 313.805053][ T7797] veth0_vlan: entered promiscuous mode [ 313.960728][ T7756] veth0_macvtap: entered promiscuous mode [ 314.013861][ T7797] veth1_vlan: entered promiscuous mode [ 314.044465][ T7756] veth1_macvtap: entered promiscuous mode [ 314.177035][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.221161][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.241057][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.274454][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.302932][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.350333][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.370458][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.393441][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.403926][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.430279][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.455571][ T7756] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 314.513071][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 314.539458][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.550074][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 314.571226][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.600441][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 314.632902][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.656678][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 314.678185][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.703277][ T7756] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 314.741170][ T7756] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.768599][ T7756] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 314.808252][ T7756] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.839049][ T7756] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.861261][ T7756] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.870022][ T7756] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.993108][ T7797] veth0_macvtap: entered promiscuous mode [ 315.027395][ T7857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 315.083459][ T7797] veth1_macvtap: entered promiscuous mode [ 315.169299][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 315.248538][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.277815][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 315.311418][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.341209][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 315.378192][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.400543][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 315.440458][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.470552][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 315.506671][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.529606][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 315.564225][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.582481][ T7797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 315.602986][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 315.632668][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.670573][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 315.710292][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.734467][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 315.757996][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.778163][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 315.794728][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.820285][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 315.847127][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.880214][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 315.911928][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 315.948678][ T7797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 315.968929][ T7882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 316.085331][ T7797] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 316.102731][ T7797] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 316.125869][ T7797] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 316.150817][ T7797] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 316.248148][ T7882] 8021q: adding VLAN 0 to HW filter on device team0 [ 316.283451][ T1115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 316.316997][ T1115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 316.748324][ T7857] veth0_vlan: entered promiscuous mode [ 316.972846][ T5362] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.980048][ T5362] bridge0: port 1(bridge_slave_0) entered forwarding state [ 317.162076][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.169449][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 317.240122][ T7857] veth1_vlan: entered promiscuous mode [ 317.326713][ T8083] @: renamed from vlan0 (while UP) [ 317.375376][ T2564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.432482][ T2564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.570723][ T1258] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.577181][ T1258] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.586370][ T7857] veth0_macvtap: entered promiscuous mode [ 317.676115][ T7857] veth1_macvtap: entered promiscuous mode [ 317.753010][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.794961][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.843842][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 317.859598][ T8092] syz.1.739[8092] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 317.859753][ T8092] syz.1.739[8092] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 317.895338][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 317.960237][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 317.986842][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.030308][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.070450][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.093316][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.117383][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.140303][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.181130][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.225921][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.268676][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.308524][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.329398][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.356887][ T7857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 318.481534][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.539219][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.586861][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.630282][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.690227][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.720267][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.730128][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.770872][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.790281][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.821485][ T30] INFO: task syz.0.358:6484 blocked for more than 144 seconds. [ 318.829129][ T30] Not tainted 6.11.0-rc2-syzkaller #0 [ 318.837383][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.848057][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.861352][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.870073][ T30] task:syz.0.358 state:D stack:27360 pid:6484 tgid:6481 ppid:5215 flags:0x00000004 [ 318.880416][ T30] Call Trace: [ 318.883737][ T30] [ 318.887543][ T30] __schedule+0x17ae/0x4a10 [ 318.892303][ T30] ? __pfx___schedule+0x10/0x10 [ 318.896114][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.897177][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.912647][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 318.918148][ T30] ? schedule+0x90/0x320 [ 318.922504][ T30] schedule+0x14b/0x320 [ 318.926778][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.932376][ T30] __ww_mutex_lock+0xec2/0x2790 [ 318.937254][ T30] ? __ww_mutex_lock+0xb08/0x2790 [ 318.942399][ T30] ? drm_modeset_lock+0x6f/0x90 [ 318.947292][ T30] ? __pfx___ww_mutex_lock+0x10/0x10 [ 318.963747][ T7857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.977637][ T30] ? __drm_mode_object_find+0x448/0x5d0 [ 318.986311][ T7857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 319.034288][ T30] ? __pfx___drm_mode_object_find+0x10/0x10 [ 319.066635][ T30] ww_mutex_lock+0x40/0x1f0 [ 319.072011][ T30] ? drm_modeset_lock+0x65/0x90 [ 319.079535][ T7857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 319.090995][ T30] drm_modeset_lock+0x6f/0x90 [ 319.095739][ T30] drm_mode_getcrtc+0x152/0x770 [ 319.140565][ T30] drm_ioctl_kernel+0x33a/0x440 [ 319.145595][ T30] ? __pfx_drm_mode_getcrtc+0x10/0x10 [ 319.186631][ T30] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 319.208674][ T30] ? __might_fault+0xc6/0x120 [ 319.232162][ T30] drm_ioctl+0x611/0xad0 [ 319.236613][ T30] ? __pfx_drm_mode_getcrtc+0x10/0x10 [ 319.256461][ T30] ? __pfx_drm_ioctl+0x10/0x10 [ 319.280429][ T30] ? bpf_lsm_file_ioctl+0x9/0x10 [ 319.285448][ T30] ? security_file_ioctl+0x87/0xb0 [ 319.310579][ T30] ? __pfx_drm_ioctl+0x10/0x10 [ 319.315432][ T30] __se_sys_ioctl+0xfc/0x170 [ 319.320099][ T30] do_syscall_64+0xf3/0x230 [ 319.349127][ T30] ? clear_bhb_loop+0x35/0x90 [ 319.360484][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.366463][ T30] RIP: 0033:0x7f3d4b1779f9 [ 319.390401][ T30] RSP: 002b:00007f3d4c001048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.399641][ T30] RAX: ffffffffffffffda RBX: 00007f3d4b305f80 RCX: 00007f3d4b1779f9 [ 319.450447][ T30] RDX: 00000000200002c0 RSI: 00000000c06864a1 RDI: 0000000000000006 [ 319.458487][ T30] RBP: 00007f3d4b1e58ee R08: 0000000000000000 R09: 0000000000000000 [ 319.490476][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.498516][ T30] R13: 000000000000000b R14: 00007f3d4b305f80 R15: 00007ffe2258ba98 [ 319.540546][ T30] [ 319.553831][ T30] INFO: task syz.0.358:6489 blocked for more than 144 seconds. [ 319.579954][ T30] Not tainted 6.11.0-rc2-syzkaller #0 [ 319.610258][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 319.619011][ T30] task:syz.0.358 state:D stack:27424 pid:6489 tgid:6481 ppid:5215 flags:0x00000004 [ 319.690596][ T30] Call Trace: [ 319.693943][ T30] [ 319.696893][ T30] __schedule+0x17ae/0x4a10 [ 319.740305][ T30] ? __pfx___schedule+0x10/0x10 [ 319.745232][ T30] ? __pfx_lock_release+0x10/0x10 [ 319.780474][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 319.786016][ T30] ? schedule+0x90/0x320 [ 319.830292][ T30] schedule+0x14b/0x320 [ 319.834530][ T30] schedule_preempt_disabled+0x13/0x30 [ 319.840038][ T30] __ww_mutex_lock+0xec2/0x2790 [ 319.900244][ T30] ? __ww_mutex_lock+0xb08/0x2790 [ 319.905362][ T30] ? drm_modeset_lock+0x6f/0x90 [ 319.946131][ T30] ? __pfx___ww_mutex_lock+0x10/0x10 [ 319.970240][ T30] ? __drm_mode_object_find+0x448/0x5d0 [ 319.975871][ T30] ? __pfx___drm_mode_object_find+0x10/0x10 [ 320.020424][ T30] ww_mutex_lock+0x40/0x1f0 [ 320.025024][ T30] ? drm_modeset_lock+0x65/0x90 [ 320.029926][ T30] drm_modeset_lock+0x6f/0x90 [ 320.080271][ T30] drm_mode_getcrtc+0x152/0x770 [ 320.085223][ T30] drm_ioctl_kernel+0x33a/0x440 [ 320.114982][ T30] ? __pfx_drm_mode_getcrtc+0x10/0x10 [ 320.150311][ T30] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 320.155856][ T30] ? __might_fault+0xc6/0x120 [ 320.193602][ T30] drm_ioctl+0x611/0xad0 [ 320.197945][ T30] ? __pfx_drm_mode_getcrtc+0x10/0x10 [ 320.240849][ T30] ? __pfx_drm_ioctl+0x10/0x10 [ 320.246447][ T30] ? bpf_lsm_file_ioctl+0x9/0x10 [ 320.290473][ T30] ? security_file_ioctl+0x87/0xb0 [ 320.295665][ T30] ? __pfx_drm_ioctl+0x10/0x10 [ 320.322020][ T30] __se_sys_ioctl+0xfc/0x170 [ 320.326697][ T30] do_syscall_64+0xf3/0x230 [ 320.359387][ T30] ? clear_bhb_loop+0x35/0x90 [ 320.380326][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.386300][ T30] RIP: 0033:0x7f3d4b1779f9 [ 320.408901][ T30] RSP: 002b:00007f3d4bfe0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 320.432128][ T30] RAX: ffffffffffffffda RBX: 00007f3d4b306058 RCX: 00007f3d4b1779f9 [ 320.460423][ T30] RDX: 0000000020000540 RSI: 00000000c06864a1 RDI: 0000000000000003 [ 320.468460][ T30] RBP: 00007f3d4b1e58ee R08: 0000000000000000 R09: 0000000000000000 [ 320.510269][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.518316][ T30] R13: 000000000000006e R14: 00007f3d4b306058 R15: 00007ffe2258ba98 [ 320.550906][ T30] [ 320.561359][ T30] [ 320.561359][ T30] Showing all locks held in the system: [ 320.569131][ T30] 1 lock held by khungtaskd/30: [ 320.610363][ T30] #0: ffffffff8e7382a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 320.637209][ T30] 3 locks held by kworker/1:1/46: [ 320.642882][ T30] #0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 320.670692][ T30] #1: ffffc90000b67d00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 320.708962][ T30] #2: ffff888027d61240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2d1/0x4130 [ 320.730254][ T30] 2 locks held by kworker/0:2/940: [ 320.735423][ T30] #0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 320.790459][ T30] #1: ffffc90003eafd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 320.810279][ T30] 3 locks held by kworker/u8:6/1115: [ 320.815635][ T30] 7 locks held by kworker/u8:11/2961: [ 320.840394][ T30] 2 locks held by getty/4969: [ 320.845138][ T30] #0: ffff88823bcb48a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 320.880904][ T30] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 320.911882][ T30] 3 locks held by kworker/1:6/5362: [ 320.917130][ T30] #0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 320.970273][ T30] #1: ffffc9000416fd00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 321.010233][ T30] #2: ffff88801caff240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2d1/0x4130 [ 321.040294][ T30] 4 locks held by syz.1.354/6470: [ 321.045385][ T30] 1 lock held by syz.0.358/6484: [ 321.070311][ T30] #0: ffff88802030c0b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: drm_modeset_lock+0x6f/0x90 [ 321.102025][ T30] 1 lock held by syz.0.358/6489: [ 321.107020][ T30] #0: ffff88802030c0b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: drm_modeset_lock+0x6f/0x90 [ 321.160289][ T30] 1 lock held by syz.4.654/7653: [ 321.165375][ T30] #0: ffff88802030c0b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: drm_modeset_lock+0x6f/0x90 [ 321.200265][ T30] 3 locks held by syz-executor/7797: [ 321.205599][ T30] #0: ffff8880a5f20d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 321.250255][ T30] #1: ffff8880a5f20078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 321.260047][ T30] #2: ffffffff8fbdaae8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 321.310296][ T30] 1 lock held by syz.0.698/7800: [ 321.315319][ T30] #0: ffff88802030c0b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: drm_modeset_lock+0x6f/0x90 [ 321.370268][ T30] 1 lock held by syz.0.698/7802: [ 321.375286][ T30] #0: ffff88802030c0b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: drm_modeset_lock+0x6f/0x90 [ 321.410291][ T30] 3 locks held by syz-executor/7857: [ 321.415636][ T30] #0: ffff888091f48d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 321.450234][ T30] #1: ffff888091f48078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 321.460070][ T30] #2: ffffffff8fbdaae8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 321.490434][ T30] 3 locks held by syz-executor/7882: [ 321.495764][ T30] #0: ffff88809174cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 321.520308][ T30] #1: ffff88809174c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 321.530066][ T30] #2: ffffffff8fbdaae8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 321.580429][ T30] 1 lock held by syz.1.743/8118: [ 321.585421][ T30] #0: ffffffff8e73d678 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 321.637850][ T30] [ 321.640611][ T30] ============================================= [ 321.640611][ T30] [ 321.649056][ T30] NMI backtrace for cpu 0 [ 321.653389][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc2-syzkaller #0 [ 321.662168][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 321.672238][ T30] Call Trace: [ 321.675524][ T30] [ 321.678473][ T30] dump_stack_lvl+0x241/0x360 [ 321.683182][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 321.688409][ T30] ? __pfx__printk+0x10/0x10 [ 321.693026][ T30] ? vprintk_emit+0x631/0x770 [ 321.697738][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 321.702802][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 321.707780][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 321.713262][ T30] ? _printk+0xd5/0x120 [ 321.717972][ T30] ? __pfx__printk+0x10/0x10 [ 321.722591][ T30] ? __wake_up_klogd+0xcc/0x110 [ 321.727473][ T30] ? __pfx__printk+0x10/0x10 [ 321.732093][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 321.737160][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 321.743193][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 321.749213][ T30] watchdog+0xfee/0x1030 [ 321.753492][ T30] ? watchdog+0x1ea/0x1030 [ 321.757935][ T30] ? __pfx_watchdog+0x10/0x10 [ 321.762629][ T30] kthread+0x2f0/0x390 [ 321.766700][ T30] ? __pfx_watchdog+0x10/0x10 [ 321.771376][ T30] ? __pfx_kthread+0x10/0x10 [ 321.775967][ T30] ret_from_fork+0x4b/0x80 [ 321.780383][ T30] ? __pfx_kthread+0x10/0x10 [ 321.784970][ T30] ret_from_fork_asm+0x1a/0x30 [ 321.789739][ T30] [ 321.793837][ T30] Sending NMI from CPU 0 to CPUs 1: [ 321.799117][ C1] NMI backtrace for cpu 1 [ 321.799131][ C1] CPU: 1 UID: 0 PID: 8156 Comm: dhcpcd-run-hook Not tainted 6.11.0-rc2-syzkaller #0 [ 321.799150][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 321.799159][ C1] RIP: 0010:kasan_check_range+0x86/0x290 [ 321.799182][ C1] Code: 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd 41 80 3b 00 <0f> 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 00 45 89 dc [ 321.799196][ C1] RSP: 0018:ffffc90017b0f668 EFLAGS: 00000246 [ 321.799210][ C1] RAX: ffffffff81414701 RBX: 1ffff92002f61ee4 RCX: ffffffff8141474e [ 321.799222][ C1] RDX: 0000000000000001 RSI: 0000000000000060 RDI: ffffc90017b0f720 [ 321.799232][ C1] RBP: ffffffffffffffff R08: ffffc90017b0f77f R09: 1ffff92002f61eef [ 321.799244][ C1] R10: dffffc0000000000 R11: fffff52002f61eef R12: 0000000000000000 [ 321.799255][ C1] R13: ffffffff817f1c90 R14: dffffc0000000001 R15: fffff52002f61ef0 [ 321.799267][ C1] FS: 0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 321.799280][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 321.799292][ C1] CR2: 00007fff7c68de08 CR3: 00000000467c8000 CR4: 00000000003506f0 [ 321.799306][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 321.799315][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 321.799325][ C1] Call Trace: [ 321.799331][ C1] [ 321.799337][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 321.799355][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 321.799376][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 321.799392][ C1] ? nmi_handle+0x2a/0x5a0 [ 321.799415][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 321.799432][ C1] ? nmi_handle+0x14f/0x5a0 [ 321.799447][ C1] ? nmi_handle+0x2a/0x5a0 [ 321.799462][ C1] ? kasan_check_range+0x86/0x290 [ 321.799479][ C1] ? default_do_nmi+0x63/0x160 [ 321.799496][ C1] ? exc_nmi+0x123/0x1f0 [ 321.799512][ C1] ? end_repeat_nmi+0xf/0x53 [ 321.799528][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 321.799549][ C1] ? __pfx___unwind_start+0x1/0x10 [ 321.799567][ C1] ? __unwind_start+0x3e/0x7c0 [ 321.799586][ C1] ? kasan_check_range+0x86/0x290 [ 321.799604][ C1] ? kasan_check_range+0x86/0x290 [ 321.799622][ C1] ? kasan_check_range+0x86/0x290 [ 321.799639][ C1] [ 321.799645][ C1] [ 321.799652][ C1] __asan_memset+0x23/0x50 [ 321.799667][ C1] __unwind_start+0x3e/0x7c0 [ 321.799688][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 321.799707][ C1] arch_stack_walk+0x103/0x1b0 [ 321.799729][ C1] stack_trace_save+0x118/0x1d0 [ 321.799747][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 321.799771][ C1] save_stack+0xfb/0x1f0 [ 321.799790][ C1] ? __pfx_save_stack+0x10/0x10 [ 321.799815][ C1] ? page_ext_get+0x20/0x2a0 [ 321.799834][ C1] __reset_page_owner+0x75/0x3f0 [ 321.799856][ C1] free_unref_page+0xd19/0xea0 [ 321.799878][ C1] __put_partials+0xeb/0x130 [ 321.799895][ C1] put_cpu_partial+0x17c/0x250 [ 321.799909][ C1] ? put_cpu_partial+0x70/0x250 [ 321.799927][ C1] __slab_free+0x2ea/0x3d0 [ 321.799944][ C1] ? __phys_addr+0xba/0x170 [ 321.799960][ C1] qlist_free_all+0x9e/0x140 [ 321.799982][ C1] kasan_quarantine_reduce+0x14f/0x170 [ 321.800000][ C1] __kasan_slab_alloc+0x23/0x80 [ 321.800016][ C1] ? getname_flags+0xb7/0x540 [ 321.800033][ C1] kmem_cache_alloc_noprof+0x135/0x2a0 [ 321.800054][ C1] getname_flags+0xb7/0x540 [ 321.800074][ C1] vfs_fstatat+0x12c/0x190 [ 321.800093][ C1] __x64_sys_newfstatat+0x11d/0x1a0 [ 321.800113][ C1] ? __pfx___x64_sys_newfstatat+0x10/0x10 [ 321.800141][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 321.800163][ C1] ? do_syscall_64+0x100/0x230 [ 321.800182][ C1] ? do_syscall_64+0xb6/0x230 [ 321.800201][ C1] do_syscall_64+0xf3/0x230 [ 321.800219][ C1] ? clear_bhb_loop+0x35/0x90 [ 321.800235][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.800259][ C1] RIP: 0033:0x7fa88c74d8a9 [ 321.800272][ C1] Code: 49 01 00 09 00 00 00 83 c8 ff c3 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 00 00 00 00 41 89 ca b8 06 01 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 0c f7 d8 41 83 c8 ff 89 05 a1 49 01 00 [ 321.800283][ C1] RSP: 002b:00007fff7c68dc58 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 321.800298][ C1] RAX: ffffffffffffffda RBX: 00007fa88c729000 RCX: 00007fa88c74d8a9 [ 321.800309][ C1] RDX: 00007fff7c68dd00 RSI: 00007fff7c68dc60 RDI: 00000000ffffff9c [ 321.800320][ C1] RBP: 00007fff7c68ddc0 R08: 0000000000080000 R09: 00007fff7c68dc60 [ 321.800331][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff7c68dc60 [ 321.800340][ C1] R13: 0000000000000004 R14: 00007fa88c75fa40 R15: 00000000ffffffff [ 321.800357][ C1] [ 322.530303][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 322.537211][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc2-syzkaller #0 [ 322.545998][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 322.556070][ T30] Call Trace: [ 322.559365][ T30] [ 322.562390][ T30] dump_stack_lvl+0x241/0x360 [ 322.567178][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 322.572393][ T30] ? __pfx__printk+0x10/0x10 [ 322.576998][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 322.583004][ T30] ? vscnprintf+0x5d/0x90 [ 322.587348][ T30] panic+0x349/0x860 [ 322.591272][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 322.597445][ T30] ? __pfx_panic+0x10/0x10 [ 322.601879][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 322.607281][ T30] ? __irq_work_queue_local+0x137/0x410 [ 322.612847][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 322.618248][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 322.624427][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 322.630606][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 322.636790][ T30] watchdog+0x102d/0x1030 [ 322.641154][ T30] ? watchdog+0x1ea/0x1030 [ 322.645601][ T30] ? __pfx_watchdog+0x10/0x10 [ 322.650386][ T30] kthread+0x2f0/0x390 [ 322.654918][ T30] ? __pfx_watchdog+0x10/0x10 [ 322.659613][ T30] ? __pfx_kthread+0x10/0x10 [ 322.664221][ T30] ret_from_fork+0x4b/0x80 [ 322.668656][ T30] ? __pfx_kthread+0x10/0x10 [ 322.673264][ T30] ret_from_fork_asm+0x1a/0x30 [ 322.678056][ T30] [ 322.681200][ T30] Kernel Offset: disabled [ 322.685514][ T30] Rebooting in 86400 seconds..